Less than a month ago, December 13, 2019, the City of New Orleans, Louisiana, fell victim to a ransomware cyber attack. And even though the hackers have made no formal ransom demands—at least not yet—there’s still much concern. There are also growing expenses as the city works to recover computers and servers while returning operations to normal. In fact, during a press conference just one week after the cyber attack, New Orleans Mayor, LaToya Cantrell, said to the cost was around $1 million. Today, even with cybersecurity insurance, it’s presumably higher.

As written in an earlier BOLDplanning blog post, Louisiana is no stranger to cybersecurity events or to the issuance of state of emergency declarations in response to them. The December 13, 2019 ransomware attack was the third such event in just six months. The first occurred in July 2019 when school district computers had to be taken offline. The second took place in November 2019 when state government websites and other digital services had to be deactivated.

Unfortunately, the City of New Orleans is also not alone. Cities as large as Atlanta, Georgia, and Baltimore, Maryland, and as small as Riviera Beach, Florida, have all been victims of cyber attacks as of late. And they’ve dished out a whole lot of money in response to them (both in ransom and recovery). Sadly, that’s money that could have been put to good use within these operations and the communities they serve rather than the pockets of ruthless hackers.

Experts in cybersecurity agree that ransomware poses one of the greatest risks to municipalities across the country. In fact, and according to IT security company Barracuda Networks, more than 70 state and local governments were hit with ransomware in 2019. Could yours be next?

Don’t wait for a cyber attack to find out your organization’s IT infrastructure isn’t up to par, or that the proper cybersecurity safeguards aren’t in place. Invest in these things now rather than paying cyber criminals later. Just as important, don’t wait for a cyber attack to discover your Continuity of Operations (COOP) plan or Emergency Operations Plan (EOP) is lacking.